Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2020-29379
Analyzed
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-29 Nov, 2020 | 01:15
Updated At-21 Jul, 2021 | 11:39

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
CPE Matches
vsolcn
vsolcn
>>v1600d4l_firmware>>1.01.49
cpe:2.3:o:vsolcn:v1600d4l_firmware:1.01.49:*:*:*:*:*:*:*
vsolcn
vsolcn
>>v1600d4l>>-
cpe:2.3:h:vsolcn:v1600d4l:-:*:*:*:*:*:*:*
vsolcn
vsolcn
>>v1600d-mini_firmware>>1.01.48
cpe:2.3:o:vsolcn:v1600d-mini_firmware:1.01.48:*:*:*:*:*:*:*
vsolcn
vsolcn
>>v1600d-mini>>-
cpe:2.3:h:vsolcn:v1600d-mini:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://seclists.org/fulldisclosure/2020/Jul/14cve@mitre.org
Exploit
Mailing List
Third Party Advisory
Change History
0Changes found
Details not found